本文整理汇总了C#中IClaimsPrincipal类的典型用法代码示例。如果您正苦于以下问题:C# IClaimsPrincipal类的具体用法?C# IClaimsPrincipal怎么用?C# IClaimsPrincipal使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
IClaimsPrincipal类属于命名空间,在下文中一共展示了IClaimsPrincipal类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C#代码示例。
示例1: ShowClaims
private void ShowClaims(IClaimsPrincipal principal)
{
foreach (IClaimsIdentity identity in principal.Identities)
{
var identityInfo = new HtmlGenericControl("dl");
AddListItem(identityInfo, "BootstrapToken",
null != identity.BootstrapToken ? identity.BootstrapToken.ToString() : String.Empty);
AddListItem(identityInfo, "Label", identity.Label);
AddListItem(identityInfo, "NameClaimType", identity.NameClaimType);
AddListItem(identityInfo, "RoleClaimType", identity.RoleClaimType);
var claimsInfo = new HtmlGenericControl("dl");
identityInfo.Controls.Add(new HtmlGenericControl("dt") { InnerText = "Claims" });
var claims = new HtmlGenericControl("dd");
claims.Controls.Add(claimsInfo);
identityInfo.Controls.Add(claims);
foreach (Claim claim in identity.Claims)
{
AddListItem(claimsInfo, "ClaimType", claim.ClaimType);
AddListItem(claimsInfo, "Issuer", claim.Issuer);
AddListItem(claimsInfo, "OriginalIssuer", claim.OriginalIssuer);
AddListItem(claimsInfo, "Value", claim.Value);
AddListItem(claimsInfo, "ValueType", claim.ValueType);
}
claimsList.Controls.Add(identityInfo);
}
}
开发者ID:davidajulio,项目名称:claims,代码行数:28,代码来源:AuthInfo.cs
示例2: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
throw new NotImplementedException();
var scope = new Scope();
return scope;
}
开发者ID:cmfaustino,项目名称:PROMPT11-08-Security.cmfaustino,代码行数:7,代码来源:FederationController.cs
示例3: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
Scope scope = new Scope(request.AppliesTo.Uri.AbsoluteUri, SecurityTokenServiceConfiguration.SigningCredentials);
string encryptingCertificateName = WebConfigurationManager.AppSettings[ApplicationSettingsNames.EncryptingCertificateName];
if (!string.IsNullOrEmpty(encryptingCertificateName))
{
scope.EncryptingCredentials = new X509EncryptingCredentials(CertificateUtilities.GetCertificate(StoreName.My, StoreLocation.LocalMachine, encryptingCertificateName));
}
else
{
scope.TokenEncryptionRequired = false;
}
if (!string.IsNullOrEmpty(request.ReplyTo))
{
scope.ReplyToAddress = request.ReplyTo;
}
else
{
scope.ReplyToAddress = scope.AppliesToAddress;
}
return scope;
}
开发者ID:hanzzhang,项目名称:developguide,代码行数:25,代码来源:IdentityProviderSecurityTokenService.cs
示例4: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
// do nothing if anonymous request
if (!incomingPrincipal.Identity.IsAuthenticated)
{
return base.Authenticate(resourceName, incomingPrincipal);
}
var userRepo = (System.Web.Mvc.DependencyResolver.Current.GetService(typeof(Blog.Dal.UserRepo)) as Blog.Dal.UserRepo);
string uniqueId = GetUniqueId(incomingPrincipal);
// check if user is registered
var user = userRepo.GetUserByIdentity(uniqueId);
if (user == null)
{
//user = userRepo.CreateUser(uniqueId);
//user.Claims.AddRange(ToSimpleClaim(uniqueId, incomingPrincipal.Identities[0].Claims));
}
else
{
// sync claims
}
//return CreateUserPrincipal(uniqueId, data);
//// authenticated by ACS, but not registered
//// create unique id claim
//incomingPrincipal.Identities[0].Claims.Add(new Claim(Constants.ClaimTypes.Id, uniqueId));
//return incomingPrincipal;
return base.Authenticate(resourceName, incomingPrincipal);
}
开发者ID:nordseth,项目名称:blog,代码行数:33,代码来源:ClaimsTransformer.cs
示例5: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
Scope scope = new Scope(request.AppliesTo.Uri.OriginalString,
SecurityTokenServiceConfiguration.SigningCredentials);
var settings = ServiceLocator.Current.GetInstance<IEncryptionSettings>();
if (settings.Encrypt)
{
// Important note on setting the encrypting credentials.
// In a production deployment, you would need to select a certificate that is specific to the RP that is requesting the token.
// You can examine the 'request' to obtain information to determine the certificate to use.
scope.EncryptingCredentials = new X509EncryptingCredentials(settings.Certificate);
}
else
{
// If there is no encryption certificate specified, the STS will not perform encryption.
// This will succeed for tokens that are created without keys (BearerTokens) or asymmetric keys.
scope.TokenEncryptionRequired = false;
}
// Set the ReplyTo address for the WS-Federation passive protocol (wreply). This is the address to which responses will be directed.
// In this template, we have chosen to set this to the AppliesToAddress.
scope.ReplyToAddress = scope.AppliesToAddress;
return scope;
}
开发者ID:dotnet-koelnbonn,项目名称:DotnetKoelnBonnSTS,代码行数:28,代码来源:DotnetKoelnSecurityTokenService.cs
示例6: GetScope
/// <summary>
/// Returns the configuration for the token issuance request.
/// </summary>
/// <param name="principal">The caller's principal.</param>
/// <param name="request">The incoming request security token.</param>
/// <returns>The scope information to be used for the token issuance.</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
// Verify the request, i.e. the requesting realm. The reply address does not need to be
// checked since it is being hardcoded within this security token service and does not
// depend on the request hence.
var appliesTo = request.AppliesTo.Uri.AbsoluteUri;
if(appliesTo != "http://www.silkveil.net/")
{
throw new SecurityException(string.Format(CultureInfo.CurrentUICulture,
"The uri '{0}' is not supported.", appliesTo));
}
// Create the scope.
var scope = new Scope(
request.AppliesTo.Uri.OriginalString,
this.SecurityTokenServiceConfiguration.SigningCredentials,
new X509EncryptingCredentials(new CertificateManager().GetEncryptingCertificate()));
// Get the navigation service.
var navigationService = this._container.Resolve<INavigationService>();
// Set the reply to address.
scope.ReplyToAddress = navigationService.GetUIPath();
// Return the scope to the caller.
return scope;
}
开发者ID:peterbucher,项目名称:silkveil,代码行数:33,代码来源:SecurityTokenService.cs
示例7: GetScope
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
this.scopeModel = this.ValidateAppliesTo(request.AppliesTo);
var scope = new Scope(request.AppliesTo.Uri.OriginalString, SecurityTokenServiceConfiguration.SigningCredentials);
scope.TokenEncryptionRequired = false;
string replyTo;
if (!string.IsNullOrEmpty(request.ReplyTo))
{
replyTo = request.ReplyTo;
}
else if (this.scopeModel.Url != null)
{
replyTo = this.scopeModel.Url.ToString();
}
else
{
replyTo = scope.AppliesToAddress;
}
scope.ReplyToAddress = replyTo;
return scope;
}
开发者ID:AshD,项目名称:authbridge,代码行数:25,代码来源:MultiProtocolSecurityTokenService.cs
示例8: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal.Identity.IsAuthenticated)
{
var identity = incomingPrincipal.Identity as IClaimsIdentity;
var user = EnsureApplicationUser(identity);
if (user != null)
{
if (identity.Claims.FirstOrDefault(c => c.ClaimType == ClaimTypes.Name) == null)
{
identity.Claims.Add(new Claim(ClaimTypes.Name, user.Name, user.Name.GetType().Name, ClaimIssuerName));
}
if (identity.Claims.FirstOrDefault(c => c.ClaimType == ClaimTypes.Email) == null)
{
identity.Claims.Add(new Claim(ClaimTypes.Email, user.Email, user.Email.GetType().Name, ClaimIssuerName));
}
foreach (var role in user.Roles)
{
identity.Claims.Add(new Claim(ClaimTypes.Role, role.RoleName, role.RoleName.GetType().Name, ClaimIssuerName));
}
}
}
return incomingPrincipal;
}
开发者ID:ShuHuiC,项目名称:BlobShare,代码行数:28,代码来源:AccountAssociationClaimsAuthenticationManager.cs
示例9: GetScope
/// <summary>
/// This method returns the configuration for the token issuance request. The configuration
/// is represented by the Scope class. In our case, we are only capable of issuing a token for a
/// single RP identity represented by the EncryptingCertificateName.
/// </summary>
/// <param name="principal">The caller's principal.</param>
/// <param name="request">The incoming RST.</param>
/// <returns>The scope information to be used for the token issuance.</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
//
// Note: The signing certificate used by default has a Distinguished name of "CN=STSTestCert",
// and is located in the Personal certificate store of the Local Computer. Before going into production,
// ensure that you change this certificate to a valid CA-issued certificate as appropriate.
//
Scope scope = new Scope(request.AppliesTo.Uri.OriginalString, SecurityTokenServiceConfiguration.SigningCredentials);
if (!string.IsNullOrEmpty(_encryptingCertificateName))
{
// Important note on setting the encrypting credentials.
// In a production deployment, you would need to select a certificate that is specific to the RP that is requesting the token.
// You can examine the 'request' to obtain information to determine the certificate to use.
scope.EncryptingCredentials = new X509EncryptingCredentials(CertificateUtil.GetCertificate(StoreName.My, StoreLocation.LocalMachine, _encryptingCertificateName));
}
else
{
// If there is no encryption certificate specified, the STS will not perform encryption.
// This will succeed for tokens that are created without keys (BearerTokens) or asymmetric keys.
scope.TokenEncryptionRequired = false;
}
// Set the ReplyTo address for the WS-Federation passive protocol (wreply). This is the address to which responses will be directed.
// In this template, we have chosen to set this to the AppliesToAddress.
scope.ReplyToAddress = scope.AppliesToAddress;
return scope;
}
开发者ID:juanonsoftware,项目名称:practices,代码行数:39,代码来源:CustomSecurityTokenService.cs
示例10: GetClaims
public IEnumerable<Claim> GetClaims(IClaimsPrincipal principal, RequestDetails requestDetails)
{
var userName = principal.Identity.Name;
var claims = new List<Claim>();
// email address
string email = Membership.FindUsersByName(userName)[userName].Email;
if (!String.IsNullOrEmpty(email))
{
claims.Add(new Claim(ClaimTypes.Email, email));
}
// roles
GetRoles(userName, RoleTypes.Client).ToList().ForEach(role => claims.Add(new Claim(ClaimTypes.Role, role)));
// profile claims
if (ProfileManager.Enabled)
{
var profile = ProfileBase.Create(userName, true);
if (profile != null)
{
foreach (SettingsProperty prop in ProfileBase.Properties)
{
string value = profile.GetPropertyValue(prop.Name).ToString();
if (!String.IsNullOrWhiteSpace(value))
{
claims.Add(new Claim(ProfileClaimPrefix + prop.Name.ToLowerInvariant(), value));
}
}
}
}
return claims;
}
开发者ID:highwaychurch,项目名称:web,代码行数:34,代码来源:ProviderUserRepository.cs
示例11: GetScope
/// <summary>
/// Analyzes the token request
/// </summary>
/// <param name="principal">The principal.</param>
/// <param name="request">The request.</param>
/// <returns>A PolicyScope that describes the relying party and policy options</returns>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken rst)
{
if (rst.AppliesTo == null)
{
Tracing.Error(string.Format("token request from {0} - but no realm specified.",
principal.Identity.Name));
throw new MissingAppliesToException();
}
Tracing.Information(string.Format("Starting token request from {0} for {1}",
principal.Identity.Name,
rst.AppliesTo.Uri.AbsoluteUri));
Tracing.Information("Authentication method: " + principal.Identities.First().GetClaimValue(ClaimTypes.AuthenticationMethod));
// analyze request
var request = new Request(GlobalConfiguration);
var details = request.Analyze(rst, principal);
// validate against policy
request.Validate(details);
// create scope
var scope = new RequestDetailsScope(
details,
SecurityTokenServiceConfiguration.SigningCredentials,
GlobalConfiguration.RequireEncryption);
return scope;
}
开发者ID:saikat2k01,项目名称:Thinktecture.IdentityServer,代码行数:37,代码来源:TokenService.cs
示例12: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal != null && incomingPrincipal.Identity.IsAuthenticated)
{
ClaimsIdentityCollection x509Ids = GetIdentitiesFromClaim(incomingPrincipal,
ClaimTypes.AuthenticationMethod, AuthenticationMethods.X509);
foreach(IClaimsIdentity x509Identity in x509Ids)
{
// this is the main identity, get the entity attributes in the Trust Fabric from the X509 thumbprint
string x509Thumbprint = GetClaimValue(x509Identity, "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint");
if (!string.IsNullOrEmpty(x509Thumbprint))
{
string x509HexThumbprint = Base64Util.FromBase64ToHex(x509Thumbprint);
List<EntityAttribute> entityAttributes = _trustFabric.GetWscEntityAttributesFromX509Thumprint(x509HexThumbprint);
// now add the antity attributes to the identity
foreach (EntityAttribute entityAttribute in entityAttributes)
{
x509Identity.Claims.Add(new Claim(entityAttribute.AttributeType, entityAttribute.AttributeValue));
}
}
}
}
return incomingPrincipal;
}
开发者ID:gtkrug,项目名称:gfipm-ws-ms.net,代码行数:29,代码来源:WspClaimsTransformer.cs
示例13: GetClaims
public IEnumerable<Claim> GetClaims(IClaimsPrincipal principal, RequestDetails requestDetails)
{
var claims = from c in NewContext.UserClaims
where c.PartitionKey == principal.Identity.Name.ToLower() &&
c.Kind == UserClaimEntity.EntityKind
select new Claim(c.ClaimType, c.Value);
return claims.ToList();
}
开发者ID:saikat2k01,项目名称:Thinktecture.IdentityServer,代码行数:9,代码来源:TableStorageClaimsRepository.cs
示例14: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (!incomingPrincipal.Identity.IsAuthenticated)
{
return base.Authenticate(resourceName, incomingPrincipal);
}
return CreateClientIdentity(incomingPrincipal.Identity as ClaimsIdentity);
}
开发者ID:bencoveney,项目名称:Thinktecture.IdentityModel.40,代码行数:9,代码来源:ConsultantsClaimsTransformer.cs
示例15: Authenticate
public override IClaimsPrincipal Authenticate(string resourceName, IClaimsPrincipal incomingPrincipal)
{
if (incomingPrincipal.Identity.IsAuthenticated)
{
incomingPrincipal.Identities.First().Claims.Add(new Claim("http://claims/localtest", DateTime.Now.ToLongTimeString()));
}
return incomingPrincipal;
}
开发者ID:IdentityModel,项目名称:Thinktecture.IdentityModel.v1,代码行数:9,代码来源:ClaimsTransformer.cs
示例16: GetOutputClaimsIdentity
protected override IClaimsIdentity GetOutputClaimsIdentity(IClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
if (null == claimSet)
return principal.Identity as IClaimsIdentity;
ClaimsIdentity identity = new ClaimsIdentity();
identity.Claims.AddRange(claimSet);
return identity;
}
开发者ID:davidajulio,项目名称:hx,代码行数:10,代码来源:SecurityTokenService.cs
示例17: CheckAccess
public static bool CheckAccess(IClaimsPrincipal principal, string action, string resource, params string[] additionalResources)
{
var context = CreateAuthorizationContext(
principal,
action,
resource,
additionalResources);
return ClaimsAuthorization.CheckAccess(context);
}
开发者ID:saikat2k01,项目名称:Thinktecture.IdentityServer,代码行数:10,代码来源:ClaimsAuthorizeAttribute.cs
示例18: ProcessRequest
/// <summary>
/// Processes a WS-Federation request.
/// </summary>
/// <param name="request">The WS-Federation request message.</param>
/// <param name="principal">The client principal.</param>
/// <param name="configuration">The token service configuration.</param>
public static void ProcessRequest(WSFederationMessage request, IClaimsPrincipal principal, SecurityTokenServiceConfiguration configuration)
{
Contract.Requires(request != null);
Contract.Requires(principal != null);
Contract.Requires(configuration != null);
HttpContext context = HttpContext.Current;
if (request.Action == WSFederationConstants.Actions.SignIn)
{
var response = ProcessSignInRequest(
(SignInRequestMessage)request,
principal,
configuration);
response.Write(context.Response.Output);
context.Response.Flush();
context.Response.End();
}
else if (request.Action == WSFederationConstants.Actions.SignOut)
{
var signOut = (SignOutRequestMessage)request;
ProcessSignOutRequest();
if (!String.IsNullOrEmpty(signOut.Reply))
{
context.Response.Redirect(signOut.Reply);
}
else
{
context.Response.Redirect("~/");
}
}
else if (request.Action == WSFederationConstants.Actions.SignOutCleanup)
{
var signOut = (SignOutCleanupRequestMessage)request;
ProcessSignOutRequest();
if (!String.IsNullOrEmpty(signOut.Reply))
{
context.Response.Redirect(signOut.Reply);
}
else
{
context.Response.Redirect("~/");
}
}
else
{
throw new InvalidOperationException(String.Format(
CultureInfo.InvariantCulture,
"Unsupported Action: {0}", request.Action));
}
}
开发者ID:IdentityModel,项目名称:Thinktecture.IdentityModel.v1,代码行数:61,代码来源:PassiveMessageHandler.cs
示例19: Authenticate
/// <summary>
/// Authenticates a specified resource by its name.
/// </summary>
/// <param name="resourceName">
/// Name of the resource.
/// </param>
/// <param name="claimsPrincipal">
/// The claims principal.
/// </param>
/// <returns>
/// Returns claims principal for given resource
/// </returns>
public override IClaimsPrincipal Authenticate( string resourceName, IClaimsPrincipal claimsPrincipal )
{
if ( claimsPrincipal.Identity.IsAuthenticated )
{
var sessionFactory = GetSessionFactory ();
using ( var session = sessionFactory.GetCurrentSession () )
using ( var trans = session.BeginTransaction () )
{
var identity = claimsPrincipal.Identity as IClaimsIdentity;
if ( identity != null )
{
var nameIdentifier = identity.Claims.First ( c => c.ClaimType == Microsoft.IdentityModel.Claims.ClaimTypes.NameIdentifier ).Value;
Logger.Debug("Name identifier for authenticated principal ({0}): {1}.", identity.Name, nameIdentifier);
Logger.Debug("Resolving dependency on {0}.", typeof(ISystemAccountRepository).Name);
var systemAccountRepository = IoC.CurrentContainer.Resolve<ISystemAccountRepository>();
Logger.Debug("Resolved dependency on {0}.", typeof(ISystemAccountRepository).Name);
var systemAccount = systemAccountRepository.GetByIdentifier ( nameIdentifier );
if ( systemAccount != null )
{
Logger.Debug("Resolving dependency on {0}.", typeof(IPermissionClaimsManager).Name);
var permissionClaimsManager = IoC.CurrentContainer.Resolve<IPermissionClaimsManager>();
Logger.Debug("Resolved dependency on {0}.", typeof(IPermissionClaimsManager).Name);
Logger.Debug("Issue more claims for ({0} ({1}))", systemAccount.DisplayName, systemAccount.EmailAddress.Address);
permissionClaimsManager.IssueSystemPermissionClaims ( claimsPrincipal, systemAccount );
permissionClaimsManager.IssueAccountKeyClaims ( claimsPrincipal, systemAccount );
}
else
{
var errorMessage = string.Format (
"Authenticated principal ({0}) with identifier ({1}) does not have a system account in REM.", identity.Name, nameIdentifier );
Logger.Debug(errorMessage);
}
}
trans.Commit ();
}
}
else
{
Logger.Debug("Resolving dependency on {0}.", typeof(IFederatedAuthenticationProvider).Name);
var federatedAuthenticationProvider = IoC.CurrentContainer.Resolve<IFederatedAuthenticationProvider>();
Logger.Debug("Resolved dependency on {0}.", typeof(IFederatedAuthenticationProvider).Name);
var federationAuthenticationModule = federatedAuthenticationProvider.GetFederationAuthenticationModule ();
Logger.Debug("Incoming IClaimsPrincipal was not authenticated. WIF will will redirect the request to the identity server {0}.", federationAuthenticationModule.Issuer);
}
return claimsPrincipal;
}
开发者ID:divyang4481,项目名称:REM,代码行数:66,代码来源:ClaimsAuthenticationManager.cs
示例20: CheckAccess
/// <summary>
/// Checks the authorization policy.
/// </summary>
/// <param name="resource">The resource.</param>
/// <param name="action">The action.</param>
/// <param name="principal">The principal.</param>
/// <returns>true when authorized, otherwise false</returns>
public static bool CheckAccess(string resource, string action, IClaimsPrincipal principal)
{
Contract.Requires(!String.IsNullOrEmpty(resource));
Contract.Requires(!String.IsNullOrEmpty(action));
Contract.Requires(principal != null);
var context = new AuthorizationContext(principal, resource, action);
return AuthorizationManager.CheckAccess(context);
}
开发者ID:acollard,项目名称:Thinktecture.IdentityModel.40,代码行数:18,代码来源:ClaimsAuthorization.cs
注:本文中的IClaimsPrincipal类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论